FIAC - Future Intelligence Analyst Course

Problem Solving

Intelligence Lifecycle

Planning, direction, collection, analysis, and dissemination.

Basic

Frameworks

Diamond Model, Kill Chain, and MITRE ATT&CK.

Basic

Intelligence Requirements

Defining PIRs and setting the direction for collection.

Intermediate

Requests for Information

Generating and answering intelligence requirements.

Basic

Basic Malware Analysis

Static vs Dynamic analysis for CTI practitioners.

Intermediate

Indicators of Compromise

Types of indicators: Atomic, Computed, and Behavioral.

Basic

Professional Effectiveness

Intelligence Fundamentals

Core concepts, definitions, and the importance of CTI.

Basic

Effective Communication

Communicating findings to stakeholders effectively.

Basic

Course of Action Development

Predicting adversary behavior and recommending responses.

Intermediate

Data Marking

TLP, PAP, and ensuring information security.

Basic

Data Management

Managing platforms, sources, and collection frameworks.

Intermediate

Technical Literacy

Intelligence in Cyberspace

Understanding the digital battlefield and its unique properties.

Basic

Operating Systems

Foundational principles of Windows, Linux, and macOS for CTI.

Basic

Networking Fundamentals

The OSI model, TCP/IP, common ports, and DNS in intelligence.

Basic

CIA Triad

Core security concepts and their application in threat assessment.

Basic

Cloud Computing

Service models, deployment models, and shared responsibility.

Intermediate

Cryptography

Encryption, hashing, and their use by both defenders and actors.

Intermediate

Policy

Understanding IRP, BCP, and DRP from an analyst's perspective.

Intermediate

Security Technologies

Network boundaries, endpoint security, and log management.

Intermediate

Cybersecurity Roles

Operations, specialist roles, and the CTI analyst's place.

Basic

Cyber Threat Proficiency

Threat Actors & Profiling

Identifying motivations, capabilities, and intent.

Intermediate

Attack Surface

Mapping external visibility and vulnerabilities.

Intermediate

Threat Landscape

Current trends, emerging threats, and geopolitical factors.

Intermediate

Tracking & Attribution

Clustering activity and identifying threat actors.

Advanced

Adversary Emulation

Testing defenses by mimicking real-world threat behaviors.

Advanced

CVEs

CVE process, CVSS, and Exploit Prediction (EPSS).

Intermediate

Bug Bounty Programs

Responsible disclosure and bug bounty platforms.

Basic

Adversary Frameworks

Post-exploitation and exploit frameworks like Cobalt Strike.

Intermediate

Criminal Marketplaces

Dark web, infostealer logs, and initial access brokers.

Intermediate

Challenges

SSL/TLS Infrastructure

Identify infrastructure using certificate pivot points.

Intermediate

Strings Analysis

Extract unique artifacts from binary content.

Basic

TLP Classification

Apply Traffic Light Protocol (TLP 2.0) to sharing scenarios.

Basic

MITRE ATT&CK Mapping

Identify tactics and techniques from threat reports.

Intermediate

Diamond Model Reconstruction

Reconstruct an event using the Diamond Model vertices.

Intermediate

PIR Development

Write an effective PIR for a healthcare organization.

Intermediate